And last, but not least:
ssh {
root-login deny;
protocol-version v2;
rate-limit 3;
}
Rate limit it in the [system services] stanza. 3 unsuccessful tries and the IP
is ignored.
- Chris.
P.S. the 'ssh' services port is defined in /etc/services. Unsure if you adjust
the line, that it may move the listening port. Might be worth a try; but
naturally this would be a Juniper-unsupported configuration and will probably
be overwritten on a software upgrade. It may also affect your firewall filters
in the [from] stanza. YMMV.
chrisk@fw02.miller> start shell
% grep ssh /etc/services
ssh 22/tcp #Secure Shell Login
ssh 22/udp #Secure Shell Login
On 2011-04-02, at 11:23 AM, Jesus Alvarez wrote:
> Hi,
>
> Is there a way to change the SSH port for managing the EX switches and M
> routers? We normally avoid using the standard port 22.
>
> Thanks!
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
